Vulnerability Platform

最新 POC 列表

Public POCs are scraped from GitHub / security community. AI Exclusive POCs are generated by Shenlong Agent — paid content.Public POCs are scraped from GitHub / security community. AI Exclusive POCs are generated by Shenlong Agent — paid content.

Shenlong AI Exclusive POCs are paid content. Logged-in users get 3 free unlocks/month; upgrade to Pro for unlimited access.Shenlong AI Exclusive POCs are paid content. Logged-in users get 3 free unlocks/month; upgrade to Pro for unlimited access. Log in / View plans

CVE-2026-28681IRRd: web UI host header injection allows password reset poisoning via attacker-controlled email links AI Paid

kimi-k2.5 · 10528 chars · 2026-04-24 09:37

查看详情

CVE-2026-32729Runtipi has a TOTP two-factor authentication bypass via unrestricted brute-force on `/api/auth/verify-totp` AI Paid

kimi-k2.5 · 8957 chars · 2026-04-24 09:36

查看详情

Goal Reached Thanks to every supporter — we hit 100%!

最新 POC 列表

CVE-2026-4566Belkin F9K1122 formWISP5G stack-based overflow AI Paid

CVE-2026-4565Tenda AC21 SetNetControlList formSetQosBand buffer overflow AI Paid

CVE-2026-34954PraisonAI: SSRF in FileTools.download_file() via Unvalidated URL AI Paid

CVE-2026-5534itsourcecode Online Enrollment System Parameter index.php sql injection AI Paid

CVE-2026-32627cpp-httplib has a Silent TLS Certificate Verification Bypass on HTTPS Redirect via Proxy AI Paid

CVE-2026-32621Apollo Federation has prototype pollution via incomplete key sanitization AI Paid

CVE-2026-28680Ghostfolio: Full-Read SSRF in Manual Asset Import AI Paid

CVE-2026-4600jsrsasign 安全漏洞 AI Paid

CVE-2026-4567Tenda A15 UploadCfg stack-based overflow AI Paid

CVE-2026-32616Pigeon has a Host Header Injection in email verification flow AI Paid

CVE-2026-28681IRRd: web UI host header injection allows password reset poisoning via attacker-controlled email links AI Paid

CVE-2026-28679HomeGallery: Path Traversal (Arbitrary File Read) AI Paid

CVE-2026-4598jsrsasign 安全漏洞 AI Paid

CVE-2026-4602jsrsasign 安全漏洞 AI Paid

CVE-2026-32729Runtipi has a TOTP two-factor authentication bypass via unrestricted brute-force on `/api/auth/verify-totp` AI Paid

CVE-2026-4599jsrsasign 安全漏洞 AI Paid

CVE-2026-4601jsrsasign 安全漏洞 AI Paid

CVE-2026-28429Talishar: Critical Path Traversal in gameName Parameter AI Paid

CVE-2026-28683Gokapi: Stored XSS in SVG Hotlinks AI Paid

CVE-2026-4580code-projects Simple Laundry System Parameters checkupdatestatus.php sql injection AI Paid